Experience

Audits

Cyberforks runs hands-on security and compliance audits for organizations that want a practitioner's read, not a templated report โ€” delivering prioritized findings an executive or remediation team can act on without extra interpretation.

01

NIST CSF Audits

Evaluate your security positioning against the NIST Cybersecurity Framework.

  • Stakeholder interviews and controls inventory
  • Framework function and category mapping
  • Gap analysis with prioritized remediation roadmap
  • Executive-ready findings memo

Typical use: leadership assessment, board-review preparation.

02

HIPAA Compliance Audits

Security and Privacy Rule readiness for healthcare organizations and their associates.

  • Risk assessment under ยง164.308(a)(1)
  • Business Associate Agreement inventory and review
  • Technical safeguards evaluation (encryption, access control, audit logging)
  • Policy and documentation review with remediation planning

Common triggers: OCR inquiry, incident response, vendor evaluation.

03

SOC 2 Type 2 Policy Audits

Pre-audit preparation against the Trust Services Criteria.

  • Policy review and alignment
  • Gap identification
  • Policy drafts and revisions
  • Handoff package for full readiness assessment

Preparatory work โ€” not the SOC 2 attestation itself.

04

Cyber / IT Audits

General security-posture assessment without a specific compliance framework.

  • Asset and access inventory
  • Patch management and configuration review
  • Network architecture and segmentation analysis
  • Documentation, monitoring, and incident-response readiness

Use cases: inter-audit assessments, baseline establishment.

Need a real read on where you stand?

Every engagement is scoped to your environment, not templated.

Get in touch